Critiq Docs

security.privacy

Protect sensitive Android screens from screenshots and recents

Sensitive activities should enable FLAG_SECURE or avoid clearing it so screen content is harder to capture.

#Metadata

Rule ID: java.security.android-screenshot-exposure
Severity: high
Confidence: 0.82
Languages: java
Presets: recommended, security, strict
Stability: stable
Applies to: file
Tags: android, privacy, rules-catalog, security

#Why it matters

Finance, authentication, and secret-bearing screens can leak through screenshots, screen recording, and recent-task previews when FLAG_SECURE is missing or cleared.

#Remediation

Enable FLAG_SECURE for sensitive screens, avoid clearing it at runtime, and document exceptions only after explicit threat modeling.
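
The remediation above, sketched as an added example (not code from the Critiq rule or its project): a base activity that sets FLAG_SECURE before any content is drawn, next to the runtime-clearing pattern to avoid. The class names, the `showSecureDialog` helper and the `R.layout.activity_transfer` resource are hypothetical.

```java
import android.app.Activity;
import android.app.Dialog;
import android.os.Bundle;
import android.view.Window;
import android.view.WindowManager;

/** Hypothetical base class for sensitive screens (login, balances, secrets). */
public abstract class SecureActivity extends Activity {

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        // Set the flag before the subclass calls setContentView(), so the
        // window is never drawn without it.
        secure(getWindow());
    }

    /** Dialogs own a separate Window and do not inherit the activity's flags. */
    protected void showSecureDialog(Dialog dialog) {
        secure(dialog.getWindow());
        dialog.show();
    }

    private static void secure(Window window) {
        if (window != null) {
            window.setFlags(WindowManager.LayoutParams.FLAG_SECURE,
                            WindowManager.LayoutParams.FLAG_SECURE);
        }
    }
}

/** Before: the pattern the remediation says to avoid. */
class TransferActivityBefore extends Activity {
    @Override
    protected void onResume() {
        super.onResume();
        // Clears the flag at runtime, so screenshots, screen recording and
        // the recents preview can show this screen again.
        getWindow().clearFlags(WindowManager.LayoutParams.FLAG_SECURE);
    }
}

/** After: inherits FLAG_SECURE from the base class and never clears it. */
class TransferActivity extends SecureActivity {
    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_transfer); // hypothetical layout resource
    }
}
```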

#Repository path

The generated metadata points to critiq-rules/libs/rules/catalog/rules/java/java.security.android-screenshot-exposure.rule.yaml.